Don’t Miss Peer-2-Peer Sessions at RSAC 2015

By all means, you should try to attend at least one Peer-2-Peer session while at RSA Conference this year. These sessions let you dig into a specific security topic you care about with your industry peers. It is a great opportunity to learn what other people are doing and walk away with new ideas. Wondering which conversation will be the most relevant to your job role and concerns? We asked each session facilitator to provide a short summary to help you decide.

This post highlights five P2P sessions (Scroll down for answers). Links to other session summaries are at the bottom of the page.

We also included some questions to get you started thinking so that you come to the session prepared with some thoughts.

Vulnerability and Risk Scoring: What Ratings Really Mean (P2P-R02B)Who should attend?The ideal group of attendees would include a mixture of a number of positions, responsibilities, and skill sets. “It is my opinion that vulnerability and risk scoring is often skewed due to a vocal minority with shared experience and insight,” says Tyler Reguly, manager of security research and development at Tripwire and facilitator of this session. “As a facilitator, I would love to see people from both the operations and security sides of business, vendors and vendees, management and staff, and the occasional security researcher to discuss the most holistic view possible. As a participant, I'm hoping for people who are as excited and interested in vulnerability and risk scoring as I am,” Reguly says.

Why is this topic important?Breaches are, unfortunately, becoming more and more common and it seems that with each breach, the scale and scope of those affected increases. Combine that with the recent influx of highly discussed, named vulnerabilities in the media and you have a situation that leaves people scrambling. The best solution we have is proper prioritization of issues…knowing which holes to close and which threats to respond to is crucial to our joint success against these threats and a universal system that everyone agrees on gets us closer to that goal.

What should attendees think about?There are two questions that I feel are important in a discussion around vulnerability and risk scoring today and they could potentially provide a strong basis for discussion during the P2P session:

How do media reports on vulnerabilities and security issues impact your prioritization and response times? Does the view your superiors and/or subordinates have on the issue based on media commentary negatively or positively affect your ability to investigate and resolve an issue?

Looking at the current scoring and prioritization systems that are available, what works and what doesn't work? Are there components missing or is there extra information available that you don't need?

What will attendees walk away with after the session?“As a participant, I hope to walk away with a better understanding of how others view vulnerability and risk scoring, which I hope will be true for everyone involved in the discussion. As a facilitator, I hope that everyone involved identifies new techniques or systems that they can apply to their daily work related to vulnerability and risk scoring. I often find that one person's application of a concept can greatly differ from another's and open discussion and a shared understanding can only strengthen and improve everyone's application of vulnerability and risk scoring concepts,” Reguly says.

A Dialogue on Threat Intelligence KPIs (P2P-W03A)Who should attend?“I believe my P2P session is best attended by security leaders, program managers and those who are leading efforts to develop, operationalize and mature threat intelligence programs at their organization,” says Rafal Los, director of solutions research at Accuvant and facilitator of this session. The session is geared towards someone who has a working knowledge of the enterprise security, and is in a position to define their organization's future. No specific skills but someone who understands the value of intelligence-supported security would make a great participant and benefit the most.

Why is this topic important?Los says this topic is top-of-mind with many security organizations in the enterprise right now primarily because static defenses are repeatedly failing. Security organizations are looking for a way to leverage available information about adversaries and malicious activity to defend their organization better but get lost in the marketing and analyst hype. This session is an extension of 6 months of research into leading practices on threat intelligence, designed to give the attendee something to walk away from and make useful immediately for the benefit of their enterprise.

What should attendees think about?Prior to attending the session there are three things attendees should think about. First, what their enterprise's drivers are, and why they are interested in incorporating threat intelligence into their security program framework. Second, to think through what their organization's goals are, and what capabilities they would like to attain. Finally, attendees should think about their existing resources (human, financial, technology) and how these could be evolved (or not) in the future.

What will attendees walk away with after the session?“At the end of the session I want to have people walk away with understanding what threat intelligence actually means—to them—and how they can leverage this solution category to do security 'better'; whether that means using existing resources or acquiring new ones,” Los says. Through discussion and debate we can uncover some core drivers, goals and capabilities, and measurements (Key Performance Indicators) to help them not only make sense of threat intelligence and whether it is right for their organization but to also measure its effectiveness when they do decide to move forward.

Data Collection for Litigation: Avoiding Privacy and Security Pitfalls (P2P-W03B)Who should attend?Two groups of people will likely benefit from and contribute to this session. First, legal counsel and staff responsible for implementing and enforcing litigation holds on electronically stored information (ESI); these would include litigators, paralegals and in-house counsel. The second group would be IT leadership and staff that are generally tasked by the legal department to preserve and collect ESI when litigation or an investigation arises.

Why is this topic important?Any organization can face litigation or an investigation. Except in the largest (or most litigious) companies, most people tasked with addressing data preservation issues actually do something else as their principal job function; this is generally an add-on to an already overburdened workforce. Like all critical processes, being prepared before a crisis hits is more likely to result in a positive outcome than trying to figure it out on the fly. When litigation or an investigation occurs, the risk is too high to leave this essential function to chance.

What should attendees think about?Attendees should be thinking about data preservation problems they’ve encountered in the past and what questions they could ask about how they might have prevented them. They should be prepared to share their experiences—both good and bad—so the whole group may benefit. Think about what has worked, and what has not. What tools/practices did you find helpful, and what have you found lacking?

What will attendees walk away with after the session?“I hope, with robust participation from both legal and IT professionals that each will come away with a higher level of respect for just how difficult each other’s jobs truly are, and how only by working as a team can a positive outcome be assured,” says Kenneth Mendelson, managing director of Stroz Freidberg and facilitator of this session. By sharing experiences, attendees should come away with new ideas for tools, practices, policies and procedures that will help them better handle these difficult situations in the future.

Are Digital Anonymity and a "Right to Forget" the New Snake Oil? (P2P-W03D)Who should attend?Attendees who are responsible for collection, handling, and process around personal data for their organizations would benefit from this session. This session is not only for governance- and compliance-focused representatives, but also for those who deliver customer and citizen engagement. This session will look not only at the risks in personal data collection but also the opportunities and potential. Job titles and roles for this session include CIOs, CPOs, GRC, Managers, Communications, Outreach, Evangelists - Policy and Technologists. “We will be connecting policy and technology considerations,” says Joni Brennan, technology evangelist security and privacy for IEEE-SA and facilitator of this session.

Why is this topic important?The topic of personal data collection and governance is critical from both a security and data protection perspective but also from a customer and citizen engagement perspective. As "how privacy works" (or does not) is in a constantly changing paradigm organizations must be informed for strategy execution today and development for tomorrow.

What should attendees think about?Some questions to come thinking about are: Does the right to privacy trump free speech? Should the US adopt the Right to Be Forgotten (RTBF)?

What will attendees walk away with after the session?Success would be measured by leading the attendees to a high level discussion of RTBF advantages and disadvantages. Attendees should walk away with critically developed understanding of the current status for RTBF and issues to be addressed moving ahead. Attendees should be able to re-connect for potential follow-on activities or collaborations with respect to RTBF and the connection between technology and policy development.

Cyber Bullying, Revenge Porn And The Work Place (P2P-R02D)Who should attend?Attendees who are in management positions or supervise others would benefit most from this session, as well as individuals who feel they are or may be victims of cyber-bullying or revenge porn would also benefit from the session. This is a non-technical session, consequently there are no specific roles or skills, says Lawrence Dietz, general counsel and managing director of information security at TAL Global and facilitator of this session.

Contributions can come from anyone who has experience or interest in the topic. In some cases, attendees who are parents of children in Middle and High School would find the session a safe forum to express concerns and learn about alternative ways to deal with these complex issues.

Why is this topic important?Relationships develop and end in both real and virtual workplaces. Employers are required to maintain a cordial work environment free from sexual harassment and similar behaviors. These rules also apply to the cyber world.

While cyber bullying and revenge porn have typically been associated with teenagers, some individuals do not have mature social skills to be able to cope with the downsides of relationships in the workplace. This session will help frame the issues and foster an environment to develop policy elements and actions to reduce the possibility and negative impact of cyber bullying and revenge porn in the workplace.

What should attendees think about?Individuals should think about their personal definitions of cyber-porn and cyber-bullying. They should also bring with them examples (real or fictional) to be used in the discussions, without attribution, of course.

What will attendees walk away with after the session?“I’m hoping to facilitate a candid discussion of revenge porn and cyber-bullying in the workplace by being able to build on the comments and examples provided by the attendees. I will bring examples and case studies of my own to foster these discussions as well as information concerning litigation and regulation in these areas,” Dietz says. Attendees should have a working definition of both cyber bullying and revenge porn, and an understanding of the current state of the law in these areas. The discussion should yield action items and points to ponder in developing and implementing polices and procedures with respect to cyber bullying and revenge porn at the workplace.

Check out other P2P sessions in parts one, two, four, five, and six. We look forward to seeing you in San Francisco!

Upcoming Conferences

EMC2, EMC, RSA and their respective logos are registered
trademarks or trademarks of EMC Corporation in the
United States and other countries. All other trademarks
used herein are the property of their respective owners.